Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: CISCOs new IPS

from [Gary Halleen (ghalleen)] Network Security [Permanent Link]
Subject: RE: CISCOs new IPS
Date: Thu, 6 Jan 2005 18:00:54 -0800 
Actually, that's not quite correct, Billy?

Cisco IPS 5.0 is just around the corner, and is a full-fledged
appliance-based IPS product.  It will support various drop actions, as well
as traffic normalization and antivirus/antiworm.

The IOS IPS you're referencing is a subset of what will be available in IPS
5.0. 

Gary


-----Original Message-----
From: Billy Dodson [mailto:billy@pmicromart.com] 
Sent: Thursday, January 06, 2005 12:18 PM
To: loloinfo@free.fr
Cc: focus-ids@securityfocus.com
Subject: RE: CISCOs new IPS

The cisco IPS is not quite what I thought it was going to be.  The IPS is
intended for use at branch offices or remote users where you would not
normally spring for a fire-walling device.  The IPS is nothing more then a
IOS router with IOS firewall and the IDS engine.  The IPS is just software
that runs on a cisco router.  It can use around 740 signatures from the
cisco IDS to run its "prevention".  It basically turns your router into a
small IDS/firewall.  It will be able to create access lists or shuns on the
fly.  The same as a current cisco IDS works in conjunction with an IOS
router or PIX firewall.  This device is not intended to be the first line of
defense within the network.  

The cisco IPS is not replacing the cisco IDS.  The cisco IDS is still a good
product and can be used as a prevention device when used in conjunction with
a router or firewall.  You can configure the sensor to send commands to the
router or firewall to Shun the connection or create an access list on a
router.


-----Original Message-----
From: loloinfo@free.fr [mailto:loloinfo@free.fr]
Sent: Monday, January 03, 2005 5:52 AM
To: Christoph Pertl (tm011081)
Cc: focus-ids@securityfocus.com
Subject: Re: CISCOs new IPS

is it CSA ??????????????

Selon "Christoph Pertl (tm011081)" <tm011081@fh-stpoelten.ac.at>:


Hi,

I'm right now in the middle of a Project with the goal to implement an

IPS

in an existing infrastructure. One of our possible Partners offers us

the

new IPS Product from Cisco.

Does anyone of you now something about this machine or at least about

the

older IDS-Box because I think the Inspection Engine will be the same?

Any Information about how well it performs in a real environment would

be

great

Christoph




------------------------------------------------------------------------
--

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to

http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.


------------------------------------------------------------------------
--







------------------------------------------------------------------------
--
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.
------------------------------------------------------------------------
--




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: snort signature analysis tools, Scott Kelly
Next by Date:  Re: ForeScout ActiveScout, dywzh dywzh
Previous by Thread:  Re: CISCOs new IPS, Krystian Antoni
Next by Thread:  RE: CISCOs new IPS, Billy Dodson
Indexes:  [Date] [Thread] [Top] [All Lists]